CLAIMS : 



This listing of claims will replace all prior versions, and 
listings, of claims in the application: 

Claim 1 (currently amended) : A method of testing a firewall 
comprising : 

transmitting a signal, said signal being at least one 
ofj_ a session initiation signal to initiate a communications 
session through said firewall and a session termination 
signal used to terminate an established communications 
session; and 

monitoring to determine from the time of the 
transmission of said signal at least one said transmitted 
signal at least one of : i ) a port opening delay which occurs 
in regard to between a time of transmitting said signal, when 
said signal is a session initiation signal^ and opening a 
port in said firewall for a communications session that is 
being initiated by said signal , and ii ) a port closing delay 
which occurs between a time of transmitting in regard to said 
signal, when said signal is a session termination signal^ and 
closing a port in said firewall when as part of terminating 
an established communications session in response to said 
transmitted signal . 

Claim 2 (previously presented) : A method of testing a 
firewall comprising: 

transmitting at least one of a session initiation signal 
to initiate a communications session through said firewall 
and a session termination signal used to terminate an 
established communications session; 

monitoring to determine from the time of at least one 
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said transmitted signal at least one of a port opening delay 
which occurs in regard to a session initiation signal and 
opening a port in said firewall for a communications session 
that is being initiated, and a port closing delay which 
occurs in regard to a session termination signal and closing 
a port in said firewall when terminating an established 
communications session; and the method further comprising at 
least one of: 

transmitting session initiation signals at an 
increasing rate through said firewall to cause the opening of 
ports in said firewall, measuring the effect of said 
increasing rate of session initiation signals on at least one 
of an opening and a closing delay time associated with 
opening a port and closing a port, respectively, in response 
to transmitted session initiation signals; and 

transmitting session termination signals at an 
increasing rate through said firewall to cause the closing 
of ports in said firewall, measuring the effect of said 
increasing rate of session termination signals on closing 
delay time associated with closing a port in response to 
transmitted session termination signals. 

Claim 3 (original) : The method according to claim 1, wherein 
said at least one of a port opening delay and a port closing 
delay is a port closing delay. 

Claim 4 (previously presented) : A method of testing a 
firewall comprising: 

transmitting at least one of a session initiation signal 
to initiate a communications session through said firewall 
and a session termination signal used to terminate an 
established communications session; 
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monitoring to determine from the time of at least one 
said transmitted signal a port closing delay which occurs in 
regard to a session termination signal and closing a port in 
said firewall when terminating an established communications 
session; and the 

method further comprising at least one of: 

transmitting session initiation signals at an 
increasing rate through said firewall to cause the opening of 
ports in said firewall, measuring the effect of said 
increasing rate of session initiation signals on opening 
delay time associated with opening a port in response to said 
session initiation signals; and 

transmitting session termination signals at an 
increasing rate through said firewall to cause the closing of 
ports in said firewall measuring the effect of said 
increasing rate of session termination signals on closing 
delay time associated with closing a port in response to said 
session termination signals. 

Claim 5 (original) : The method of claim 4, further 
comprising : 

determining an average closing delay for each of a 
plurality of different session signaling rates. 

Claim 6 (original) : The method of claim 5, further 
comprising : 

generating a visual display of a graph illustrating the 
average closing delay for a plurality of different session 
signaling rates. 

Claim 7 (original) : A method of testing a network firewall 
comprising : 
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transmitting a session signal to terminate an ongoing 
communications session being conducted through at least one 
port of said firewall; and 

measuring a port closing delay time associated with the 
closing of said at least one port following the transmission 
of said signal to terminate said communications session. 

Claim 8 (original) : The method of claim 7, wherein said port 
closing delay is a time period which occurs between the time 
a signal used to cause the closing of the port is detected 
and said port ceases to allow communications signals to pass 
through from the first side of said firewall to the second 
side of said firewall. 

Claim 9 (original) : The method according to claim 8, further 
comprising the steps of: 

transmitting test signals at said port prior to the 
closing of said port; and 

monitoring the port to determine when said test signals 
cease passing through said port. 

Claim 10 (previously presented) : A method of testing a 
network firewall comprising: 

transmitting a session signal to terminate an ongoing 
communications session being conducted through at least one 
port of said firewall; 

measuring a port closing delay time associated with the 
closing of said at least one port following the transmission 
of said signal to terminate said communications session; 

repeating said initiating transmitting and measuring 
steps while increasing a rate of session signals sent to said 
firewall to load said firewall; and 
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monitoring changes in port closing delay times in 
response to said increasing rate of session signals to 
determine effect of increasing levels of session signaling on 
closing delay times. 

Claim 11 (original) : The method of claim 10, further 
comprising : 

determining the level of session signaling that causes a 
closing delay time which exceeds a preselected maximum 
closing delay time. 

Claim 12 (original): The method of claim 10, further 
comprising : 

determining the amount of firewall processing power 
required for a particular application based on an expected 
traffic load and said monitored information indicating the 
effect of session signaling of different loads on said 
closing delay. 

Claim 13 (original): The method of claim 7, wherein said 
session signal is at least one of SIP and H.323 compliant 
signals . 

Claim 14 (original) : A method of testing a network firewall, 
comprising : 

transmitting a session signal to initiate a 
communications session to be conducted through said firewall; 

transmitting test signals to at least one port on a 
first side of said firewall; 

determining a time when said test signals first pass 
through said at least one port, said at least one port being 
opened in response to said signal to initiate a 

-6- 



communications session; and 

determining a port opening delay which occurs in regard 
to opening a port in said firewall for said communications 
session from said determined time. 

Claim 15 (original) : The method of claim 14, wherein said 
port opening delay is a time period which occurs between a 
time a signal used to cause the port for said communications 
session to open is detected and said port allows a signal to 
pass through from the first side of said firewall to the 
second side of said firewall. 

Claim 16 (original): The method according to claim 15, 
further comprising the step of: 

transmitting another session signal to terminate said 
communications session; and 

monitoring a port closing delay time corresponding to a 
port closing delay which occurs in regard to closing the port 
in said firewall that was opened for said communications 
session . 

Claim 17 (original): The method of claim 16, wherein said 
port closing delay is a time period which occurs between the 
time a signal used to cause the closing of the port is 
detected and said port ceases to allow communications signals 
to pass through from the first side of said firewall to the 
second side of said firewall. 

Claim 18 (previously presented) : A method of testing a 
network firewall, comprising: 

transmitting a session signal to initiate a 
communications session to be conducted through said firewall; 
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transmitting test signals to at least one port on a 
first side of said firewall; 

determining a time when said test signals first pass 
through said at least one port, said at least one port being 
opened in response to said signal to initiate a 
communications session; 

determining a port opening delay which occurs in regard 
to opening a port in said firewall for said communications 
session from said determined time; 

transmitting session signals at an increasing rate 
through said firewall to cause at least one of the opening 
and closing of ports in said firewall; and 

measuring the effect of said increasing rate of session 
signals on at least one of an opening and closing delay time 
associated with opening and closing ports, respectively, in 
response to said session signals. 

Claim 19 (original): The method of claim 18, wherein said 
session signals are at least one of SIP and H.323 compliant 
signals . 

Claim 20 (original) : A firewall test apparatus, comprising: 

a session signaling module for generating session 
signals used to initiate a communications session to be 
conducted through a firewall to be tested and to terminate a 
communications session after it has been initiated; 

a scanning probe generation module for generating probe 
signals to be directed at firewall ports; 

a timing synchronization module for synchronizing 
operation of said firewall test apparatus to at least one of 
an external clock source and another firewall test apparatus; 
and 
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an analysis module for determining at least a port 
closing delay from a session signal time and a time probe 
signals are detected to stop passing through a port in said 
firewall corresponding to an initiated communications 
session . 

Claim 21 (original) : The firewall test apparatus of claim 
20, wherein said analysis module further includes means for 
determining at least a port opening delay from a session 
signal time associated with a session signal used to initiate 
a communications session and a time probe signals are 
detected to start passing through a port in said firewall 
corresponding to the initiated communications session. 

Claim 22 (previously presented) : A firewall test apparatus, 
comprising : 

a session signaling module for generating session 
signals used to initiate a communications session to be 
conducted through a firewall to be tested and to terminate a 
communications session after it has been initiated, and means 
for flooding said firewall with increasing amounts of session 
signal traffic used to initiate and terminate communications 
sessions ; 

a scanning probe generation module for generating probe 
signals to be directed at firewall ports; 

a timing synchronization module for synchronizing 
operation of said firewall test apparatus to at least one of 
an external clock source and another firewall test apparatus; 
and 

an analysis module for determining at least a port 
closing delay from a session signal time and a time probe 
signals are detected to stop passing through a port in said 
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firewall corresponding to an initiated communications 
session, and for determining at least a port opening delay 
from a session signal time associated with a session signal 
used to initiate a communications session and a time probe 
signals are detected to start passing through a port in said 
firewall corresponding to the initiated communications 
session . 

Claim 23 (original) : The firewall test apparatus of claim 

22, wherein said analysis module includes: 

means for determining the effect of increasing amount of 
session signaling flooding said firewall on the closing 
delays associated with terminating existing communications 
sessions . 

Claim 24 (original) : The firewall test apparatus of claim 

23, further comprising: 

an output device for outputting a report showing the 
effect of flooding said firewall with increasing amounts of 
session signals on the closing delays associated with 
terminating existing communications sessions. 

Claim 25 (original) : A firewall test system for testing a 
firewall, comprising; 

a test signal generator for generating communications 
session initiation signals and probe signals directed at a 
first side of said firewall; and 

a test signal analyzer for detecting probe signals 
passing through said first side of said firewall to said 
second side of said firewall and for determining port closing 
delays as measured from the time the test signal analyzer 
detects a signal used to close a port in said firewall and 
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said analyzer ceases to detect test signals passing through 
said firewall. 

Claim 26 (original): The firewall test system of claim 25, 
wherein said test signal generator further includes: 

means for establishing a communications session through 
said firewall using session initiation signals prior to 
transmitting at least some of said probe signals. 

Claim 27 (original): The firewall test system of claim 26, 
wherein said test signal generator includes means for 
synchronizing test signal generation to an outside clock 
source; and 

wherein said signal analyzer includes means for 
synchronizing device operation with said outside clock 
source . 

Claim 2 8 (previously presented) : A firewall test system for 
testing a firewall, comprising; 

a test signal generator for generating communications 
session initiation signals and probe signals directed at a 
first side of said firewall, including means for establishing 
a communications session through said firewall using session 
initiation signals prior to transmitting at least some of 
said probe signals, means for synchronizing test signal 
generation to an outside clock source, and means for flooding 
said firewall with session signals which trigger the opening 
or the closing of ports in said firewall; and 

a test signal analyzer for detecting probe signals 
passing through said first side of said firewall to said 
second side of said firewall and for determining port closing 
delays as measured from the time the test signal analyzer 
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detects a signal used to close a port in said firewall and 
said analyzer ceases to detect test signals passing through 
said firewall, and means for synchronizing device operation 
with said outside clock source. 

Claim 29 (original): The firewall test system of claim 28, 
wherein said test analyzer further includes: 

means for measuring the effect of increasing the rate of 
session signals on port closing times following the 
termination of a communications session. 

Claim 3 0 (previously presented) : A method of testing a 
firewall, comprising the steps of: 

transmitting session termination signals used to control 
termination of communications sessions through said firewall 
at an increasing rate; and 

measuring the effect of the increasing rate of session 
termination signals on port closing delays associated with 
the termination of communications sessions through said 
firewall . 

Claim 31 (original): The method of claim 30, further 
comprising; 

determining the session signal rate which results in a 
maximum acceptable port closing delay being exceeded. 

Claim 32 (original) : The method of claim 31, wherein said 
transmitted session signals are at least one of SIP signals 
and H.3 23 signals. 
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